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Remarks 

The above Amendments and these Remarks are in reply to the Office Action mailed 
February 18, 2010. 

I. Interview Summary 

Applicant thanks Examiner Wang for the courtesy of a telephone interview between 
Examiner Wang and Kuiran (TED) Liu (#60,039) on April 14, 2010. During the telephone 
interview, a proposed amendment on independent claim 1 was discussed. No agreement was 
reached during the interview. 

II. Summary of Examiner's Rejections 

Prior to the Office Action mailed February 18, 2010, Claims 1, 3, 7-14, 16, 20-25, 52-62 
were pending in the Application. Claims 1, 3, 7-14, 16, 20-25, 52-62 were rejected under 35 
U.S.C. 103(a) as being unpatentable over Fisher (U.S. Publication No. 2003/0033535) in view of 
Fichtner(U.S. Publication No. 2003/0005297). 

III. Summary of Applicant's Amendment 

The present Reply amends Claims 1, 7, 13, 20, 23, 52, 55, 60, cancels Claims 12, 25, 
54, 57-58 and 61-62, and adds new Claims 63-65, leaving for the Examiner's present 
consideration Claims 1, 3, 7-11, 13-14, 16, 20-24, 52-53, 55-56, 60, and 63-65. 
Reconsideration thereof is respectfully requested. 

IV. Claim Rejections under 35 U.S.C. § 103(a) 

In the Office Action mailed February 18, 2010, Claims 1, 3-5, 7-14, 16-18, 20-25, 51-55 
were rejected under 35 U.S.C. 103(a) as being unpatentable over Fisher in view of Fichtner. 

Claim 1 

Claim 1 has been amended to recite: 

1. (Currently Amended) A system for single security administration comprising: 

a first application server of a transactional server type, which is configured to 
execute transaction processes including receiving transactional procedure calls from 
clients to initiate the transaction processes, wherein the first application server includes 
an access control list which defines user security information for use in 
authorizing the calls from clients, and 

a Lightweight Directory Access Protocol (LDAP) authentication server 
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plugin which is configured to forward the transactional procedure calls from 
clients to another application server for authorization; 

a second application server of a non-transactional server type, which is 
configured to administer security for the first application server, wherein the second 
application server includes 

a user profile database which includes security information for a plurality 

of users, including for each of the users a mapping of security credentials for that 

user between the transactional server type and the non-transactional server type, 

and 

an embedded LDAP server which is configured to receive and process 
the transactional procedure calls from the LDAP authentication server plugin; and 
wherein, when a transactional procedure call to initiate a transaction is received 
from a client at the first application server, the LDAP authentication server plugin 
identifies the user associated with the transactional procedure call, 
determines that the second application server should authenticate the 

user, 

initiates an LDAP session between the first application server and the 
second application server, and 

forward the transactional procedure call to the embedded LDAP server, 
wherein, upon receiving the transactional procedure call from the LDAP 
authentication server plugin, the embedded LDAP server 
processes the transactional procedure call, 

determines a corresponding user information from the user profile 

database, and 

returns the corresponding user information to the LDAP authentication 
server plugin, 

and wherein, after receiving from the embedded LDAP server a corresponding 
user information as determined by the user profile database at the second application 
server, the LDAP authentication server plugin 

creates a token reflecting an authentication result based on the 

corresponding user information, which is subsequently used to authenticate the 

client to participate in the transaction. 



Fisher discloses a common authentication protocol or proxy (CAP) server which includes 
an authentication interface that communicates with directory service authentication backends. 
(Paragraph [0019]). As further disclosed at Paragraph [0023], Fisher describes that the CAP 
server obtains the user or user group information from an external source. 

However, there is no indication in Fisher that the CAP server can receive a transactional 
procedure call to initiate a transaction , and forward the transactional procedure call to an 
authentication backend. Also there is no indication in Fisher that the authentication backends 
can receive and process such a transactional procedure call to initiate a transaction. 

Fichtner discloses that "a main focus of the present invention is to provide a database 
server with the capability of performing a Web single-sign-on to various backend HTTP servers. 
In order for this feature to be enabled, resource credential mapping capability is used to provide 
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this goal. Essentially, a resource credential may be used to store a user's identity and password 
for signing on a particular backend HTTP server. . . . Resource . . . data objects . . . may allow an 
administrator to map a specific application's user identification and password to one or more 
multiple backend HTTP servers that require basic authentication sign-on credentials. ... 
Authentication server will be based on the location of the web resource requested to find the 
URAF_ResCreds associated with the user, and provide the contents of UID and AuthnData to 
the backend HTTP server. As a result, the authentication server signs onto backend server on 
behalf of the user. " (Figure 9, Paragraph [0054]). 

Applicant respectfully submits that there is no indication in Fichtner that a transactional 
procedure call to initiate a transaction can be forwarded from a transactional server to a non- 
transactional server, and a embedded LDAP server in the non-transactional server can receive 
and process the transactional procedure call and provide authentication information. 

In view of the above comments, Applicant respectfully submits that Claim 1, as 
amended, is neither anticipated by, nor obvious in view of the cited references, when 
considered alone or in combination. Reconsideration thereof is respectfully requested. 

Claims 13 and 60 

The comments provided above with regard to Claim 1 are herein incorporated by 
reference. Claims 13 and 60 have been amended in a manner similar to Claim 1. Applicant 
respectfully submits that Claims 13 and 60, as amended, are likewise neither anticipated by, nor 
obvious in view of the cited references, when considered alone or in combination. 
Reconsideration thereof is respectfully requested. 

Claims 3, 7-11, 14, 16-18, 20-24, 52-53 and 55-56 

Claims 3, 7-11, 14, 16-18, 20-24, 52-53 and 55-56 depend from and include all of the 
features of Claims 1 and 13 are not addressed in detail herein. Applicant respectfully submits 
that these claims are allowable at least as depending from an allowable independent claim, and 
further in view of the amendments to the independent claims, and the comments provided 
above. Reconsideration thereof is respectfully requested. 

V. Additional Amendments 

Claims 63-65 have been newly added by the present Reply. Applicant respectfully 
requests that new Claims 63-65 be included in the Application and considered therewith. 
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VI. Conclusion 

In view of the above amendments and remarks, it is respectfully submitted that all of the 
claims now pending in the subject patent application should be allowable, and reconsideration 
thereof is respectfully requested. The Examiner is respectfully requested to telephone the 
undersigned if he can assist in any way in expediting issuance of a patent. 

The Commissioner is authorized to charge any underpayment or credit any overpayment 
to Deposit Account No. 06-1325 for any matter in connection with this response, including any 
fee for extension of time, which may be required. 

Respectfully submitted, 



Date: April 19. 2010 By: /Kuiran (Ted) Liu/ 

Kuiran (Ted) Liu 
Reg. No. 60,039 

Customer No.: 80548 
FLIESLER MEYER LLP 
650 California Street, 14 th Floor 
San Francisco, California 94108 
Telephone: (415)362-3800 
Fax: (415)362-2928 



12 

Attorney Docket No.: ORACL-01416US1 SRM/KRL 

M:\tliu\wp\ORACL\1400-1499\1416US1\oracl_1416us1_Reply_021810_FOA.doc 



